
1015 matches found

Packet Storm
added 2020/05/12 12:0 a.m., 120 views

qdPM 9.1 Arbitrary File Upload

Exploit Title: qdPM 9.1 - Arbitrary File Upload Date: 2020-05-06 Author: Besim ALTINOK Vendor Homepage: https://sourceforge.net/projects/qdpm/ Software Link: https://sourceforge.net/projects/qdpm/ Version: v9.1 Maybe it affect other versions Tested on: Xampp Credit: İsmail BOZKURT Remotely: Yes...

7.4 AI score
Exploits: 0
0day.today
added 2020/05/12 12:0 a.m., 30 views

qdPM 9.1 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: qdPM 9.1 - Arbitrary File Upload Author: Besim ALTINOK Vendor Homepage: https://sourceforge.net/projects/qdpm/ Software Link: https://sourceforge.net/projects/qdpm/ Version: v9.1 Maybe it affect other versions Tested on: Xampp...

7.1 AI score
Exploits: 0
0day.today
added 2020/04/27 12:0 a.m., 24 views

PHP-Fusion 9.03.50 - (Edit Profile) Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link:...

0.1 AI score
Exploits: 0
Exploit DB
added 2020/04/27 12:0 a.m., 318 views

PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload

Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/files/PHP-Fusion%20Archives/9.x/PHP-Fusion%209.03.50.zip/download...

7.4 AI score
Exploits: 0
Talos Blog
added 2020/04/23 8:37 a.m., 30 views

Threat Spotlight: MedusaLocker

By Edmund Brumaghin, with contributions from Amit Raut. Overview MedusaLocker is a ransomware family that has been observed being deployed since its discovery in 2019. Since its introduction to the threat landscape, there have been several variants observed. However, most of the functionality...

1.5 AI score
Exploits: 0
Veracode
added 2020/04/22 8:49 a.m., 17 views

Information Disclosure

simplesamlphp is vulnerable to information disclosure. It does not properly handle a request with an uppercase file extension '.PHP', causing the server to disclose the contents of the file by sending to the browser instead of executing it and therefore leaking the sensitive source code in...

3.1 CVSS, 1.5 AI score, 0.00142 EPSS
Exploits: 0, References: 2, Affected Software: 1
Hacker One
added 2020/04/04 11:6 p.m., 10 views

Valve: Shell command injection in https://partner.steamgames.com/apps/communityitems/ via file extension of item_image_small and item_image_large

Shell command injection in https://partner.steamgames.com/apps/communityitems/ via file extension of item_image_small and item_image_large. Shell injection was achieved on a publishing gateway through metacharacter injection in an item-upload path...

7.7 AI score
Exploits: 0
NVD
added 2020/03/07 12:15 a.m., 11 views

CVE-2020-10212

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the...

9.8 CVSS, 9.5 AI score, 0.00982 EPSS
Exploits: 5, References: 1
Cvelist
added 2020/03/06 11:30 p.m., 14 views

CVE-2020-10212

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the...

9.5 AI score, 0.00982 EPSS
Exploits: 5, References: 1
CVE
added 2020/03/06 11:30 p.m., 179 views

CVE-2020-10212

CVE-2020-10212 concerns Responsive FileManager. The vulnerability is an SSRF in upload.php via the url parameter, affecting 9.13.4 and 9.14.0, with the issue rooted in how file-extension blocking is handled and DNS hostnames resolving to internal IPs; this is noted as a consequence of an incomple...

9.8 CVSS, 9.3 AI score, 0.00982 EPSS
Exploits: 5, References: 1, Affected Software: 1
0day.today
added 2020/03/03 12:0 a.m., 137 views

GUnet OpenEclass 1.7.3 E-learning platform - (month) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

0.1 AI score
Exploits: 0
Exploit DB
added 2020/03/03 12:0 a.m., 215 views

GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection

Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2020-03-02 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link: http://download.openeclass.org/files/1.7/eclass-1.7.3.tar.gz Version:...

7.4 AI score
Exploits: 0
OSV
added 2020/02/25 7:15 p.m., 11 views

CVE-2016-11020

Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution...

9.8 CVSS, 6.9 AI score
Exploits: 0, References: 3
Veracode
added 2020/02/25 11:3 a.m., 20 views

Insecure File Permission

dnn.platform is vulnerable to insecure file permission. The vulnerability is possible because of missing whitelisted file extension check for permissible file types for normal user at server side, allowing a low privileged normal user to upload files with extensions which are allowed only for...

6.5 CVSS, 2.6 AI score, 0.00254 EPSS
Exploits: 3, References: 5, Affected Software: 1
OSV
added 2020/02/24 9:44 p.m., 5 views

MGASA-2020-0099 Updated nextcloud packages fix security vulnerability

Updated nextcloud packages fix security vulnerability: A bug in Nextcloud Server causes the workflow rules to depend their behavior on the file extension when checking file mimetypes CVE-2019-15613. The nextcloud package has been updated to version 15.0.14, fixing this issue and other bugs...

8 CVSS, 7.9 AI score, 0.0025 EPSS
Exploits: 0, References: 4
Kitploit
added 2020/02/24 9:0 p.m., 68 views

Dnssearch - A Subdomain Enumeration Tool

This software is a subdomain enumeration tool. Purpose dnssearch takes an input domain -domain parameter and a wordlist -wordlist parameter , it will then perform concurrent DNS requests using the lines of the wordlist as sub domains eventually bruteforcing every sub domain available on the top...

7.3 AI score
Exploits: 0, References: 1
Exploit DB
added 2020/02/24 12:0 a.m., 145 views

DotNetNuke 9.5 - File Upload Restrictions Bypass

Exploit Title: DotNetNuke 9.5 - File Upload Restrictions Bypass Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link: https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.5.0/DNNPlatform9.5.0Install.zip Version: = 9.5 CVE : N/A More...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2020/02/18 12:0 a.m., 27 views

openSUSE Security Update : nextcloud (openSUSE-2020-220)

This update for nextcloud fixes the following issues : Nextcloud was updated to 15.0.14 : - NC-SA-2020-002, CVE-2019-15613: workflow rules to depend their behaviour on the file extension when checking file mimetypes boo1162766 - NC-SA-2019-016, CVE-2019-15623: Exposure of Private Information caus...

8 CVSS, 5.9 AI score, 0.01317 EPSS
Exploits: 3, References: 13
OSV
added 2020/02/15 7:9 p.m., 3 views

OPENSUSE-SU-2020:0220-1 Security update for nextcloud

This update for nextcloud fixes the following issues: Nextcloud was updated to 15.0.14: - NC-SA-2020-002, CVE-2019-15613: workflow rules to depend their behaviour on the file extension when checking file mimetypes boo1162766 - NC-SA-2019-016, CVE-2019-15623: Exposure of Private Information caused...

8 CVSS, 7.7 AI score, 0.01317 EPSS
Exploits: 3, References: 13
OSV
added 2020/02/04 8:15 p.m., 18 views

CVE-2019-15613

A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes...

8 CVSS, 6.6 AI score
Exploits: 0, References: 4